package com.liveinstars.gateway.application.filter.factory;

import com.alibaba.fastjson.JSON;
import com.liveinstars.gateway.business.service.AuthService;
import com.liveinstars.api.dto.SignDTO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.web.server.ServerWebExchange;

import java.util.List;

/**
 * 适用于无法在调用前进行双向认证的，用于web端进行即时的验证的，安全性一般
 */
public class AesAuthGatewayFilterFactory extends AbstractAuthGatewayFilterFactory<AesAuthGatewayFilterFactory.Config>  {

    @Autowired
    @Qualifier("webAuthService")
    private AuthService authService;

    public AesAuthGatewayFilterFactory() {
        super(AesAuthGatewayFilterFactory.Config.class);
    }

    @Override
    public GatewayFilter apply(AesAuthGatewayFilterFactory.Config config) {
        return (exchange, chain) -> super.auth(exchange, chain);
    }

    public static class Config {

    }

    @Override
    SignDTO getSign(ServerWebExchange exchange) {
        List<String> list = exchange.getRequest().getHeaders().get("Authorization");
        String sign = exchange.getRequest().getHeaders().get("Authorization").get(0);
        SignDTO signDTO = JSON.parseObject(sign, SignDTO.class);
        return signDTO;
    }

    @Override
    boolean validateSign(SignDTO sign) throws Exception{
        return true;
//        try {
//            boolean result = authService.validateSign(sign.getSign(), sign.getSecretKeyVersion());
//            return result;
//        } catch (Exception e) {
//            throw e;
//        }
    }
}
